@ch1/browser-dna
Advanced tools
This is not well maintained
yarn add @ch1/browser-dna
This is a simple browser finger print generator that focuses on the JavaScript side of browser finger printing.
For full fledged fingerprinting, server side solutions should also be used. They would look at HTTP headers, IPs, and if they have access to lower protocols even OS fingerprinting.
Fingerprinting can be a hot button topic and for good reason. Privacy on the internet is an illusion. We should expect some modicum of privacy but we should also be aware of the limitations of the tools we use. This library and other - more robust - libraries like Panopticlick show just how much trivial seeming data we give away that actually "marks" us.
Ultimately your fingerprint from a library like this, in combination with an IP address is not really enough to uniquely identify most people but it really shrinks the pool, especially in certain areas.
While we want and should have privacy there is a strong use case for having our connections be semi-identifiable.
Consider the following:
This is where at least fingerprinting headers and connection detail server side helps.
Another case would be implementing an app that uses semi-anonymous sharing having a JS + server side fingerprint would allow the app to somewhat distinguish anonymous connections for the purpose of say short term chat.
import { create } from '@ch1/browser-dna';
const fingerprint = create();
// now send fingerprint to a server
The current fingerprint only includes this set:
export interface Fingerprint {
browserDepth: number;
browserHeight: number;
browserWidth: number;
concurrency: number;
os: string;
plugins: string[];
tzOffset: number;
usesTouch: boolean;
usesCookies: boolean;
}
0.1.1
Actually build the code before publishing (version bump)
FAQs
Browser DNA is a tool for generating web browser fingerprints
The npm package @ch1/browser-dna receives a total of 2 weekly downloads. As such, @ch1/browser-dna popularity was classified as not popular.
We found that @ch1/browser-dna demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.